Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-46263 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lloyd Saunders Author Box After Posts allows Stored XSS.This issue affects Author Box After Posts: from n/a through 1.6. | |||||
| CVE-2025-46262 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zack Katz Mad Mimi for WordPress allows Stored XSS.This issue affects Mad Mimi for WordPress: from n/a through 1.5.1. | |||||
| CVE-2025-46543 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Charly Leetham Enhanced Paypal Shortcodes allows Stored XSS.This issue affects Enhanced Paypal Shortcodes: from n/a through 0.5a. | |||||
| CVE-2025-23983 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tijaji allows Reflected XSS.This issue affects Tijaji: from n/a through 1.43. | |||||
| CVE-2025-22789 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyrewurks polka dots allows Reflected XSS.This issue affects polka dots: from n/a through 1.2. | |||||
| CVE-2025-23988 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno Cavalcante Ghostwriter allows Reflected XSS.This issue affects Ghostwriter: from n/a through 1.4. | |||||
| CVE-2025-22791 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in twh offset writing allows Reflected XSS.This issue affects offset writing: from n/a through 1.2. | |||||
| CVE-2025-22687 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asmedia Tuaug4 allows Reflected XSS.This issue affects Tuaug4: from n/a through 1.4. | |||||
| CVE-2025-22678 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mythemes my white allows Reflected XSS.This issue affects my white: from n/a through 2.0.8. | |||||
| CVE-2025-23981 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takimi Themes CarZine allows Reflected XSS.This issue affects CarZine: from n/a through 1.4.6. | |||||
| CVE-2025-22792 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jinwen Js O3 Lite allows Reflected XSS.This issue affects Js O3 Lite: from n/a through 1.5.8.2. | |||||
| CVE-2025-23986 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyrewurks Tiki Time allows Reflected XSS.This issue affects Tiki Time: from n/a through 1.3. | |||||
| CVE-2025-22790 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in asmedia allows Reflected XSS.This issue affects moseter: from n/a through 1.3.1. | |||||
| CVE-2025-23979 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in duwasai Flashy allows Reflected XSS.This issue affects Flashy: from n/a through 1.2.1. | |||||
| CVE-2024-3851 | 1 Pribai | 1 Privategpt | 2025-05-19 | N/A | 5.4 MEDIUM |
| A stored Cross-Site Scripting (XSS) vulnerability exists in the 'imartinez/privategpt' repository due to improper validation of file uploads. Attackers can exploit this vulnerability by uploading malicious HTML files, such as those containing JavaScript payloads, which are then executed in the context of the victim's session when accessed. This could lead to the execution of arbitrary JavaScript code in the context of the user's browser session, potentially resulting in phishing attacks or other malicious actions. The vulnerability affects the latest version of the repository. | |||||
| CVE-2025-48239 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Product Notes Tab & Private Admin Notes for WooCommerce allows Stored XSS. This issue affects Product Notes Tab & Private Admin Notes for WooCommerce: from n/a through 3.1.0. | |||||
| CVE-2025-48251 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Emails & Recipients for WooCommerce allows Stored XSS. This issue affects Additional Custom Emails & Recipients for WooCommerce: from n/a through 3.5.1. | |||||
| CVE-2025-48235 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bogdan Bendziukov WP Image Mask allows DOM-Based XSS. This issue affects WP Image Mask: from n/a through 3.1.2. | |||||
| CVE-2025-48240 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Cost of Goods for WooCommerce allows Stored XSS. This issue affects Cost of Goods for WooCommerce: from n/a through 3.7.0. | |||||
| CVE-2025-48269 | 2025-05-19 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts allows DOM-Based XSS. This issue affects WPAdverts: from n/a through 2.2.3. | |||||